Security Change Management

Bringing Order to Chaos

Security Change Management

Information security processes and controls are often not considered as part of the well-established change and configuration management frameworks. Organisations build secure technological infrastructures and conduct penetration testing to identify vulnerabilities, but there is often no ongoing security maintenance leading to security failures. These failures can be put down to a number of inherent issues:

  • Disparate systems with no oversight or joined up management.
  • Slow change management leading to processes being circumnavigated, ignored or no joined up decision-making.
  • Security not built-in, but bolted on after the event.
  • Legacy thinking rather than agile planning.
  • Poor succession planning for legacy platforms.
  • Lack of security process maintenance.
  • Management out of the loop with corporate protection.

Security_Change.jpg

Increased security concerns have a direct consequence on the number of changes (i.e. patch installations to remediate vulnerabilities, configuration changes to block attacks, etc.) requested. Often these changes are planned, driven by security or compliance requirements, the introduction of advanced technologies or other requirements, but sometimes the changes are driven by urgency when systems/applications/networks are under attack.

CMA will work with organisations to develop a comprehensive and effective security change management program.

FREE GUIDE:

CYBER SECURITY

ON A BUDGET

Fiil in the form below


Book a call to discuss or ask any questions about the course. Please don't forget to change your location first.

Talk to our vCISOs about your requirments. CISO Chief Information Security Officer